From Host Card Emulation (HCE) and tokenization, to empowering organizations to become their own Token Service Provider (TSP), Rambus Bell ID software provides a comprehensive, mobile payment solution to banks and retailers worldwide that loads and manages payment credentials on Near Field Communication (NFC)-based smartphones and connected devices. Learn more about Security

Featuring comprehensive solutions for both physical and virtual smart cards, the Rambus Smart Ticketing suite of products, including technology from Ecebs, offer secure and easy-to-implement solutions for any transport scenario, including rail, bus, and ferry. Learn more about Security

Made for high speed, reliability and power efficiency, our DDR3 and DDR4 chipsets, recently acquired from Inphi, for RDIMM and LRDIMM server modules deliver top-of-the-line performance and capacity for the next wave of enterprise and data center servers. Learn more about Memory + Interfaces

With their reduced power consumption and industry-leading data rates, our line-up of memory interface IP solutions support a broad range of industry standards with improved margin and flexibility. Learn more about Memory + Interfaces

Inspired by the innovative thinking at the heart of Rambus Labs, the Emerging Solutions division at Rambus works to translate extraordinary theory into everyday practice. Learn more about Emerging Solutions

Malware targets IoT devices for data wipes

Malware targets IoT devices for data wipes

This entry was posted on Wednesday, April 12th, 2017.

Lucian Constantin of IDG News Service confirms that attackers have begun adding data-wiping routines to malware targeting Internet of Things (IoT) devices. One such example is Amnesia, which infects digital video recorders by exploiting a well-known vulnerability.

“Amnesia is a variation of an older IoT botnet client called Tsunami, but what makes it interesting is that it attempts to detect whether it’s running inside a virtualized environment,” Constantin explained.

“The malware performs some checks to determine whether the Linux environment it’s running in is actually a virtual machine based on VirtualBox, VMware, or QEMU. Such environments are used by security researchers to build analysis sandboxes or honeypots. If Amnesia detects the presence of a virtual machine, it will attempt to wipe critical directories from the file system using the Linux “rm -rf” shell command.”

Another example of malware targeting IoT devices for data wipes is BrickerBot, which launches from compromised routers and wireless access points against other Linux-based embedded devices.

“The malware attempts to authenticate with common username and password combinations on devices that have the Telnet service running and are exposed to the internet,” he stated. “If successful, it launches a series of destructive commands intended to overwrite data from the device’s mounted partitions. It also attempts to kill the internet connection and render the device unusable.”

According to Constantin, most users are unlikely to ever know if their routers, IP cameras, or network-attached storage systems are infected with malware and are being used in DDoS attacks, because the impact on their performance might be unnoticeable.

“However, they will immediately know that something is wrong if they’re hit by BrickerBot because their devices will stop working and many of them will likely require manual intervention to fix,” he added.

As we’ve previously discussed on Rambus Press, nearly every device is a potential target for cyber criminals. Reducing the IoT attack surface starts with adequately protecting both services and endpoints, because an attacker cannot compromise an endpoint without first establishing an unauthorized communication channel.

An IoT security solution should therefore only allow legitimate, verified cloud services to ‘talk’ with each device by detecting and thwarting unauthorized communication attempts. In addition, IoT devices should be uniquely and cryptographically verified to determine if they are authorized to connect, thereby reducing the attack surface of the service by preventing remote attacker access directly or via malicious or compromised endpoints.

Perhaps most importantly, IoT security solutions should be ready out of the box: simple, affordable and easy to use. One effective method of simplifying security and reducing costs is to deploy IoT devices with tamper-proof pre-provisioning keys and identifiers. This model will allow service providers to bolster security for a wide range of connected ’things.’

Interested in learning more about protecting IoT endpoints? You can check download our eBook on the subject below.